Category : Industry News
Hacking Facebook: A Socialbot Infiltrating Approach
Last week I read a fascinating yet terrifying paper on the natural evolution of bots. The paper is called “The Socialbot Network: When Bots Socialize for Fame and Money” by Boshmaf et al. Bots in the email security world have been around for a while and are used primarily for spamming. Socialbots are programs that mimic humans and infiltrate social networks to farm for personal data. The paper is a great read on how the authors engineered a Socialbot network and released it on Facebook. (Nov 16, 2011)
How to change the SQL Max worker threads to improve performance
A “normal” SQL installation on a standard Windows Server will usually run without performance or bottleneck issues. However, a 32-bit server with 4 processors or less uses only 256 worker threads, which is predefined by the SQL installer. (Oct 20, 2011)
Smartphone security: an overview of security frameworks and controlled app marketplaces Part 3 of 4
There are 3 generic software installation models for a mobile apps marketplace: the walled-garden model, the guardian model, and the user-control model. (Oct 12, 2011)
Smartphone security: an overview of security frameworks and controlled app marketplaces Part 2 of 4
There are 4 main security features common to the 4 major smartphone OSs: process and file system isolation, app or code signing, ROM, firmware and factory restore, and kill switches. (Sep 28, 2011)
Smartphone security: an overview of security frameworks and controlled app marketplaces Part 1 of 4
The app marketplaces of the 4 major smartphone OS vendors have very different approaches for enabling the security of your device. (Sep 14, 2011)
Orange.fr doesn’t get it. Spam !
I just came back from a 2-week vacation in France. Prior to leaving, I looked at Orange.fr, a large service provider in France that offered, among other things, mobile phone plans. The idea was to get a prepaid SIM card for my mobile phone, so that I could have a local (French) number to use in case of emergency. Adding an item to my shopping cart on Orange.fr resulted in getting spammed by them every single day for 15 days! (Sep 06, 2011)
The Cloud: A necessity, accommodation or future strain?
The web is enabling the birth of new technologies, and one that is quickly gaining popularity is cloud computing. One such example is companies who provide data storage to individuals or organizations on their servers in order to create new sources of revenue. Take note that the wallet size of your average Joe might not be large enough to afford this luxury. (Aug 04, 2011)
How safe is your smartphone?
Smartphones have become a household commodity. If you think everyone has traded in their ‘simple’ phone call-only devices for these pocket-sized computers, you’re not imagining things. A recent survey by the Pew Internet Project shows that 35% of American adults own one. (Jul 14, 2011)
Tired of dot.com? Do you have $185,000?
You think the Internet is a jungle? You haven't seen anything yet! A while ago, we were working on standardizing Internet domain names in an attempt to classify email traffic. Example: by forcing adult content to add “SEXUALLY-EXPLICIT” in emails, the creation of .xxx domains, and many other ideas that never came to light. (Jun 23, 2011)
To be or not to be in the cloud?
The Cloud: it’s an exciting topic these days when everything is being shaken up and revolutions are characterized by going viral through the digital highway of the internet."The Cloud” stands out but its sky is darkened by its failures. I do not know about the revolution, but I would say the Cloud is the most logical continuation of our use of digital worlds. I am almost in agreement with Oracle CEO Larry Ellison shouting that the cloud has always existed (Jun 07, 2011)
RSA, SecurID, Comodo: What Can We Trust Now?
Internet security was critically compromised last week in separate incidents. First, RSA was apparently compromised and data was stolen from its critical servers. There is speculation that the SecurID source code or even the seeds may have been copied. (Apr 01, 2011)
Webcast: Introducing directQuarantine for Outlook
On April 19th 2011 we will be launching directQuarantine for Outlook, our new quarantine management solution. Register for the sneak peek webinar to find out the features, specifications and most importantly, what it can do for you and your users. (Mar 24, 2011)
12 New Terms for the Anti-Tech Dictionary
In case you missed it, Chris Bowlby, a BBC Mobile News contributor, wrote a fun little article about the evolution of techno-speak and how the unplugged portion (Internet-wise) of the world’s population had no clue what the plugged-ins were talking about. In response, he created some great new anti-tech words and phrases. The subject has obviously struck a chord with people who responded with flurry of their own contributions. (Jan 20, 2011)
The impact of IPv6 on message filtering systems
An interesting article was posted on Slashdot in December: "As public IPv4 addresses dwindle and carriers roll out IPv6, a new problem has surfaced.." In the short term, this is definitely going to be a problem for email security companies that rely strongly on DNSBLs or reputation-based systems. (Jan 19, 2011)
2010 Spam Subject Highlights
As the year draws to an end, we thought it high time to do another of our Top 10 favorite spam subject lines. The choice (unfortunately) is always aplenty but we think you’ll enjoy these – unless you can do better of course! (Dec 31, 2010)
#FAIL: Don’t let your anti-virus trap you!
Reported last week in PC Pro1, leading security firms AVG and Symantec have been accused of ripping off their customers by cutting short their AV subscriptions once they had upgraded to different versions of the software. (Dec 13, 2010)
In the war against spam, where does legislation fit in?
Currently, there are several different approaches to fighting spam, including:Technological, Associative and Legislative.Today I’ll talk about the legislative approach: what it actually represents, along with its status, limitations and weaknesses. (Dec 06, 2010)
Mark Zuckerberg commented on your photo
This is a new spam that has just started showing up in my inbox. A few others seem to have received it. It seems like a non-threatening phishing attempt redirecting clickers to mysearchmusic.com. The destination site seems unharmful at first glance, and acts as a MP3 Search Engine, with Google AdSense. (Nov 24, 2010)
Facebook Mail Rumor: Friend or Foe? Gmail killer?
The feature hasn’t even been officially announced yet and already the “Will Facebook kill Gmail, Hotmail, etc.” speculations are popping up all over the Net. I don’t know about ‘kill’ per se, but Facebook will definitely give the big guns a run for their money. (Nov 12, 2010)
Java exploits increase as AV performance decreases
These 2 pieces of bad news could make a bad combination. The first piece of bad news is the recent upswing in attacks on Oracle’s Java software. According to a Computerworld1 article published today, the past 9 months has seen a whopping increase in attacks, from “less than half a million in the first quarter of 2010 to more than 6 million in the third quarter.” Much of the focus of these attacks has been on 3 vulnerabilities that were supposedly patched months, even years ago. (Oct 20, 2010)
Word of the Week: Likejacking
Facebook’s Like button is now available for use on sites external to Facebook. What does this mean? (Sep 10, 2010)
From Wave to Ripple to Flat line: Google Pulls the Plug on Wave
It came. It went. The end of email was predicted and in the end it’s Google Wave that bowed out. Looks like we didn’t have to wait long to see what the future would have in hold for Google Wave: on August 4th, Google announced that they were pulling the plug on Wave due to lack of user adoption, and discontinuing its development as a standalone product. (Aug 06, 2010)
Who is Responsible for Internet Security: A Response
Basically you have the Australian courts who want to place the onus on the shoulders of end-users. Others want to put the responsibility on Operating System or Application vendors due to their security holes. Finally, you have the Mail System operators or Network connectivity providers (ISPs) who don't take sufficient measures to combat open relays or botnets where infected machines act like SMTP proxies. (Jul 26, 2010)
Who’s responsible for Internet Security?
A couple of stories in the news today caught my attention because they have very opposite perspectives on tackling cybercrime and Internet security. First, the Australian government is thinking of making home computer users responsible for security1. They’re contemplating legislation to force users to install anti-virus programs and firewalls on their home computers before being allowed to connect to the Internet. (Jun 23, 2010)
May Email Security News: New Undersea Cables Feed African Botnets
Email Security Industry news from May 2010 with commentary (May 31, 2010)
Here come the spam police
The German courts may have just opened the floodgates. Their top criminal court ruled this week that home wireless users can be held responsible for not password-protecting their wireless connections. If the unprotected connection is used for illegal file downloads, the owner can be fined up to 100 Euros (currently $126). (May 17, 2010)
Facebook or Faceblock? Facebook implementing their own ‘email security’?
Facebook is coming under scrutiny (again!), this time about their email scanning policies. Most of you are probably in the email security industry and are well aware that any email security solution will scan a message to divert or block spam, phishing, etc. (May 12, 2010)
Why can’t you stop this spam?
Maybe you’ve seen more spam hitting your Inbox over the past couple of months and wondering, “Why am I paying for filtering? This stuff is obviously spam – why can’t you guys stop it?” The main challenges of being in the spam filtering business are dealing with clients’ expectations on the one hand, and the sheer size of the spam/malware machine on the other. (Apr 16, 2010)
March Email Security News
A summary of links to recent articles that I have found interesting in the last few weeks. Includes my own commentary. (Apr 02, 2010)
Why you shouldn’t cut your email security costs
These days, running a business without email security exposes you to huge, unnecessary risks and costs. What is the cost of security? It should not have a price tag. Imagine having to go through thousands of emails (mostly spam) every day, just to make sure an important message does not get deleted. (Mar 29, 2010)
Spamhaus releases a new spam-fighting tool
Spamhaus publicly released its new Domain Block List (DBL)1earlier this week, after beta testing it for much of last year. They claim they have had “exceptionally positive” results from the testing, and the premise is really quite interesting. (Mar 03, 2010)
How would you punish a spammer?
“Last time out I suggested sentencing spammers to some quality time in a maximum security cell with an ex-biker named "Tiny." But I think that's too good for these people. They should be strung up by their thumbs and forced to watch ShamWow infomercials and Rick Astley videos until their ears bleed.” Robert Cringely, InfoWorld 1 (Feb 03, 2010)
Spam: Surveying the Surveys
Another year has passed and it seems everyone is busy publishing their year-end security reviews, survey results, and fearless predictions for the upcoming year. (Jan 20, 2010)
Personal email sent from work: is it private or company property?
With scandal after scandal involving employees stealing company data or releasing financial details, many companies have cracked down and are reading employee email. With many new laws coming into effect, and companies scrambling to meet regulatory compliance guidelines, it is important to remember that employees have rights too, and that they must be informed about any monitoring policies. (Nov 25, 2009)
Do the Crime…Do the Time?
Should Cybercriminals face life in jail? Announced this week in New Delhi, India, cyber-terrorism is now punishable with life-time imprisonment. An amendment was made to the Information Technology Act that was passed in 2008 to now include new-age cyber offences such as identity theft, cyber stalking, and cyber harassment among others. (Oct 28, 2009)
Is Email Dead? Don’t believe the Hype!
With all the buzz around social media (and notably so), industry analysts are declaring email a thing of “the past” and that social media applications, namely sites like Twitter and Facebook, will take over as our online method of communications. As technology evolves, it drives the habits of consumers. (Oct 23, 2009)
What’s the (cyber)world coming to?
Am I the only one who’s getting creeped out by the increasingly sinister tone of the latest cyberthreats making the rounds? Several news items from the past couple of days make me want to unplug my computer and forget I’d ever heard of the Internet. (Oct 07, 2009)
What Email Security Shouldn’t Cost you
Customized professional services contract should not cost your organization an arm and leg. (Sep 30, 2009)
Where does your data go when you’re not looking?
So it’s time to review and update your network security and you're preparing the budget. You’ve included the costs for hardware peripheral devices, anti-malware solutions, maybe encryption, etc. But what about a lawsuit - did you factor that into the bottom line? (Sep 09, 2009)
Critics Smell Spam in White House Healthcare Email Effort
The White House has emailed thousands of messages to Americans detailing its stance on the contentious issue of healthcare reform, but some recipients say the messages were unsolicited. Critics are questioning whether the White House used address-gathering tactics similar to those employed by spammers. (Sep 02, 2009)
Security Software Revenue Up 18.6%
Worldwide, the key drivers for fueling the growth of IT security spending are data security and privacy and the need to protect IT infrastructure from the ever-increasing sophisticated and targeted attacks. For North American and Western European Organizations, compliance was one of the major drivers. (Aug 28, 2009)
“ElephantGate” and other stories
Ah the “Dog Days” of August! Give me a hot, sunny day, a comfortable lawn chair and a really good spy novel, and I’ll get lost for hours. But who needs books these days? A recent article about corporate espionage reveals a wealth of true-life - and often truly bizarre – tales. Move over James Bond, the company janitor has cool gadgets too! (Aug 26, 2009)
Researchers simulate million-zombie botnet
Researchers at Sandia National Laboratories in California, headed by Ron Minnich and Don Rudish, were able to boot more than one million kernels, or the central component of most operating systems, as virtual machines in a massive botnet simulation. Previously, researches had only been able to create a simulated botnet of up to 20,000 nodes. (Aug 19, 2009)
More Recent News
Recent Spam Survey Winners
We are extremely pleased with the tremendous response that we have received to this point from our Fight Email Spam survey. As promised we have randomly selected winners of our gift card prizes. (Jan 23, 2012)
New Year's Resolution
We spend 8 to 10 (or more) hours a day at work - more time than we spend anywhere else - and our desks/workspaces are becoming our kitchen tables. But, do you realize that our desks are covered in more bacteria... (Jan 20, 2012)
Email Usage Survey
We are currently conducting a market research on email usage at work. Thank you for filling our this very short survey. (Jan 12, 2012)
